URLhaus Database

You are currently viewing the URLhaus database entry for http://googlemeta.xyz/cgi-bin/FILE/g7k6sg7dhze/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 436370
URL: http://googlemeta.xyz/cgi-bin/FILE/g7k6sg7dhze/
URL Status: Offline
Host: googlemeta.xyz
Date added: 2020-08-19 07:20:09 UTC
Last online: 2020-08-21 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-19 07:22:04 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time: 1 day, 20 hours, 15 minutes, Poor (down since 2020-08-21 03:37:32 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
